CVE-2023-2005: Tenable Plugin Feed ID #202306261202 Fixes Privilege Escalation Vulnerability

6.3 CVSS

Description

Vulnerability in Tenable Tenable.Io, Tenable Nessus, Tenable Security Center.This issue affects Tenable.Io: before Plugin Feed ID #202306261202 ; Nessus: before Plugin Feed ID #202306261202 ; Security Center: before Plugin Feed ID #202306261202 .

This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.

Classification

CVE ID: CVE-2023-2005

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.3

Affected Products

Vendor: Tenable

Product: Tenable.io

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.11% (probability of being exploited)

EPSS Percentile: 46.1% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://www.tenable.com/security/tns-2023-21

Timeline

2024-12-04 00:10:49 UTC
CVE

Tenable Plugin Feed ID #202306261202 Fixes Privilege Escalation Vulnerability